This invention relates to security management of electronic product code information. The Electronic Product Code (EPC) is a family of coding schemes for RFID (Radio Frequency IDentification) tags. The EPC is designed to meet the needs of various industries, while guaranteeing uniqueness for all EPC-compliant tags. All EPC numbers contain a header identifying the encoding scheme that has been used. This in turn dictates the length, type and structure of the EPC. EPC coding schemes typically contain a serial number which can be used to uniquely identify a single object. For example, a 96-bit EPC number allows approximately 1.3×10^16 items to be coded annually, roughly corresponding to the number of grains of rice consumed globally each year.
RFID and EPC technologies provide the basis for new traceability applications for items such as products, and such applications can emerge everywhere. In this document, the term product refers to any physical object or item that is associated with an EPC. Parties that want to share their data in order to create increased business value need new mechanisms for querying traceable data. In addition to business considerations, companies are more likely to share their data if the services infrastructure is scalable, secure and easy to use.
The EPCglobal Network architecture describes components and interfaces for EPC-related information exchange between servers that contain information about items identified by EPC numbers. The servers, typically known as EPCISs (EPC Information Services), which are linked through a set of network services, store relevant product information related to specific EPC numbers. Typically, events are submitted directly from systems that sense EPCs, such as RFID readers and 1D- or 2D-barcode scanners. Events can also be submitted from systems that have received RFID data and “cleaned up” the data, for example, by applying filtering and transformation on the raw data events delivered by the RFID sensors. For example, a submitted event can describe a read operation of an RFID reader or an aggregation operation, where a set of EPCs is associated with another EPC. Such an aggregation operation can occur, for example, when several RFID-tagged items are packed into a container which is itself tagged with an RFID chip. The EPCISs are typically queried by other EPCIS systems, by extract-transform-load (ETL) systems that extract bulk data from the EPCIS and import the extracted data into a data warehouse for business intelligence applications, or by other customized applications that continuously monitor events.
Protecting the information traces of items in supply chains is a challenge, in particular in new information infrastructures such as the EPCglobal networks, where partners want to share information, such as EPC events, with the help of EPCIS repositories. The current EPCglobal standard does not require EPCIS implementations to enforce authorization of queries, but suggests ideas of how an EPCIS could react in order to provide some notion of authorization. The reactions suggested in the standard document include that the EPCIS service could refuse to honor the request altogether, that the service could respond with less data than requested and that the service could hide information. However, no details are provided as to how these suggested reactions could be implemented in a secure way.
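The three reactions named above (refuse the request, respond with less data, hide information) can be sketched as a default-deny filter in front of the event store. This is an added Python example, not part of the EPCglobal standard or of the method this document goes on to describe; the policy table, requester names, simplified event dictionaries and EPC values are all constructed assumptions.

```python
from copy import deepcopy

# Constructed policy table: visible EPC prefixes and hidden fields per requester.
POLICIES = {
    "retailer-a": {"epc_prefixes": ("urn:epc:id:sgtin:0614141.",),
                   "hidden_fields": ("readPoint",)},
    "carrier-b": {"epc_prefixes": ("urn:epc:id:sscc:0614141.",),
                  "hidden_fields": ("readPoint", "bizLocation")},
}
SGTIN_A = "urn:epc:id:sgtin:0614141.107346.2017"   # constructed sample EPCs
SGTIN_X = "urn:epc:id:sgtin:0999999.000001.55"
SSCC_A = "urn:epc:id:sscc:0614141.1234567890"
EVENTS = [  # constructed, simplified events: two reads and one aggregation
    {"type": "ObjectEvent", "epcList": [SGTIN_A],
     "readPoint": "dock-door-3", "bizLocation": "warehouse-1"},
    {"type": "ObjectEvent", "epcList": [SGTIN_X],
     "readPoint": "line-7", "bizLocation": "plant-2"},
    {"type": "AggregationEvent", "parentID": SSCC_A,
     "childEPCs": [SGTIN_A, SGTIN_X],
     "readPoint": "pack-station-1", "bizLocation": "warehouse-1"},
]

class QueryRefused(Exception):
    """Reaction 1: the service refuses to honor the request altogether."""

def authorized_query(requester, events=EVENTS, policies=POLICIES):
    policy = policies.get(requester)
    if policy is None:                      # default deny: unknown requester
        raise QueryRefused(requester)
    prefixes = policy["epc_prefixes"]
    result = []
    for stored in events:
        ev = deepcopy(stored)               # never mutate the repository copy
        visible = 0
        for field in ("epcList", "childEPCs"):
            if field in ev:                 # drop EPCs outside the policy
                ev[field] = [e for e in ev[field] if e.startswith(prefixes)]
                visible += len(ev[field])
        if "parentID" in ev:
            if ev["parentID"].startswith(prefixes):
                visible += 1
            else:
                del ev["parentID"]          # container identity is not visible
        if visible == 0:
            continue                        # reaction 2: less data than requested
        for field in policy["hidden_fields"]:
            ev.pop(field, None)             # reaction 3: hide information
        result.append(ev)
    return result
```

For `carrier-b` the aggregation event comes back with its parent container but an empty child list, which is why aggregation events need filtering per EPC rather than per event.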